This patch converts several delete links to POSTed forms and corrects
the op variable names in the script. The patch also simplifies the
deletion click handlers.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
- Get the CSRF token from the pop-up instead of from the parent window,
since that seems to work
- Remove some click handlers which were made obsolete
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes a number of changes to finish incomplete work in
668cd06e1960a3878ec1c976ce7f2e1f93688468
Initial submissions to batch biblio operations have to accommodate
POSTed file data, so this patch makes changes to instances where we were
submitting biblionumbers in a URL.
We could also choose to make a change in tools/batch_delete_records.pl
and tools/batch_record_modification.pl to handle different "list"
operations differently based on the method of submission. This patch
presents only the client-side option.
The cart presented a unique problem in that it requires that data be
passed from the pop-up window to the parent window, something which
can't as easily be done with a form as with a URL. The workaround I came
up with is to dynamically generate the form in the parent page and
trigger the submission from there.
Also changed:
- More updated CSS to handle buttons inside dropdowns inside toolbars.
- Correct op names for the "list" operation in batch modify and delete
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The "list" step (previewing records to be modified) is a post operation
so the op must be cud-list.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 34478: [TO SQUASH] tools/modborrowers
We actually want to POST here to not reach the limit of a GET request.
It also fixes the following warning in the console:
Form contains enctype=multipart/form-data, but does not contain method=post. Submitting normally with method=GET and no enctype instead.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Required some more changes for mode to op, and delete form.
Most forms did not need a POST.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
We do not longer need to generate_csrf from pl files
TODO - members/boraccount.tt and sco/sco-main.tt needs to be adjusted
Bug 34478: [TO SQUASH] Remove generate_csrf from pl
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
When a patron's attribute is limited to a given patron's category, the
batch patron modification tool will display a hint "This attribute will
be only applied to the patron's category %s". But this is followed by
the description of the patron's attribute, not the patron's category.
Test plan:
Create a patron's attribute "Color of hair" and select a patron
category (Patron).
Batch edit batch and select "Color of hair"
A hint will be display.
=> Without this patch the hint is "This attribute will be only applied
to the patron's category Color of hair"
=> With this patch it will be corrected to "This attribute will be only
applied to the patron's category Patron"
Signed-off-by: Anneli Österman <anneli.osterman@koha-suomi.fi>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
In automatic item modifications by age missing,
conditions can be on columns of tables items or biblioitems.
Table biblio is missing.
Test plan :
1) Create an automatic item modifications by age with a condition on a column of biblio table
2) Create a record and item matching the rule
3) Run misc/cronjobs/automatic_item_modification_by_age.pl -c -v
=> Check only matching items are impacted
Signed-off-by: Philip Orr <philip.orr@lmscloud.de>
Bug 32029: (follow-up) unit test
Signed-off-by: matthias le gac <matthias.le-gac@inlibro.com>
Bug 32029: (follow-up) tidy
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch does three things:
1 - Removes a specific query for withdrawn status of each item scanned - we can use the withdrawn field
2 - Removes a specific query for checkouts on each item scanned - we can use the onloan field
a - additionally we don't need to fetch the checkout as we check it in to the homebranch,
this is likely incorrect - we should use the current branch, but I preserve behavior for now
3 - Fetches the items ahead of time and builds a hash based on barcode, reduces DB lookups, may raise memory usage
To test:
1 - Checkout some items
2 - Withdraw some items
3 - Generate a lsit of barcodes including some checked out items and some withdrawn items
4 - Enter that list of barcodes into inventory tool
5 - Note your results
6 - Apply patch
7 - Issue the items again
8 - Repeat inventory
9 - Confirm results are the same as before patch
Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Validate that the files in linking files are contained within the ZIP.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
There's no reason to allow symlinks for link files in cover image
ZIP files. Preventing their use prevents someone from uploading
a symlink pointing to an existing file on the Koha server.
Test plan:
0. Apply patch and restart/reload Koha
1. Create a PNG cover image
2. Create a datalink.txt file that contains something like the
following:
29,Untitled.PNG
3. Turn on "LocalCoverImages" system preference
4. Upload via http://localhost:8081/cgi-bin/koha/tools/upload-cover-image.pl
5. Go to http://localhost:8081/cgi-bin/koha/catalogue/detail.pl?biblionumber=29
6. Note the cover image has been uploaded
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
* Perltidied the section with tabs in printslip.pl
* Fixed indentation and tabs in letter.tt
* Added missing TT filters to members-toolbar.inc
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds a new module to letters 'patron_slip' / Patrons toolbar
(slip)
This also combines some of the slip printing JS to make things more
direct
To test:
1 - Apply patch
2 - restart_all
3 - yarn build
4 - Confirm you can print slip, summary, quickslip, and checkin slip
when viewing a patron's account
5 - Enable DisplayClearScreenButton syspref, and test that it works
with both values
6 - Go to Tools->Notices and slips
7 - Define a new notice in the 'Patron toolbar (slip)' module
8 - Enter content like below in the 'Print' transport:
Patron has [% borrower.holds.count %] holds
List of holds:
[% FOREACH hold IN borrower.holds %]
===============================
Reserve id: [% hold.reserve_id %]
Title [% hold.biblio.title %]
[% END %]
9 - Go to patron scree
10 - Note new option under 'Print'
11 - Print the new slip and confirm it works (try with and without
placing holds for patron
Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch modifies cataloging tools templates so that title tags can be
more easily translated. The patch also makes some modifications to
titles, breadcrumb navigation, and page headers in order to make them
more consistent with each other and with other similar pages.
Note that stockrotation.pl has been modified so that rota information is
available to the template in more cases for the purpose of showing that
information in navigation and headings.
To test, apply the patch and go to Cataloging. Test each page and each
variation of the page to confirm that titles, breadcrumbs, and page
headers look correct.
- Export catalog data
- Stage records for import
- Main page
- Upload file -> Stage for import
- Manage staged records
- Main page
- Batch details
- Import batch
- Batch item modification and batch item deletion
- Main page
- Submit batch
- Save
- Batch record modification
- Main page
- Submit batch
- Modify selected
- Batch record deletion
- Main page
- Submit batch
- Delete selected
- MARC modification templates
- Main page
- Edit actions for a template
- Item modifications by age
- Main page
- Add rules
- Stock rotation
- Main page
- New rota
- Edit rota
- Manage stages for rota
- New stage
- Edit stage
- Manage items for rota
- Add items
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
In the design of additional contents the idea of a parent-child relation is implicitly present. You have a default page and translations.
But we do this in one table coming from the old news items.
Several reports show that we would be better off creating a parent table listing the main news items, CMS pages or HTML content. And a child table containing the title, content and lang.
Note that this first step is a prelimenary step to clean this area and make it more robust and extensible. More enhancements to come.
What is this patchset doing?
* DB changes
- Rename additional_contents.idnew with id
- Create a new table additional_contents_localizations(id, additional_content_id, title, content, lang) that will contain the translated contents
- Move the content to this new table
- Remove title, content and lang columns from additional_contents
- Replace the notice templates that are using ''<news>" (should only be ISSUESLIP) and remove support for this syntax. Also add a warning in case other occurrences of uses of the old syntax exist.
* CRUD
- We add a new Koha::AdditionalContentsLocalization[s] couple, and move some logic from Koha::AdditionalContent[s] to there. Note that, to prevent too much drastic changes in notice templates, and to make them easy to use, the different attributes of the content object is accessible from the translated content object (ie. Koha::AdditionalContentsLocatlization->library is available and return $self->additional_content->library). I think it's an elegant way to keep things simple.
- No changes expected for "NewsLog" logging
- Little behaviour changes for pages, see tools/page.pl changes. We are now passing the id of the content, and the desired language, instead of the mix of "page_id" or code and lang. Note that here we certainly need to rename "language" query param to not change the full interface language.
Test plan:
0. Preparation steps, use master
a. Create notice templates that are using "<< additional_contents.code >>". This won't be replaced, but we want the update process to alert us.
b. Create several news, additional contents, pages. Some with translated contents, some without.
c. Make sure ISSUESLIP has the "<news>" section. If you are using the sample data there is nothing to do here
d. Turn on NewsLogs
1. Apply the patches, restart_all, updatedatabase
=> Confirm that the new table is created and filled with the contents you had prior to the update
=> Confirm that additional_contents_localizations.updated_on has been kept to the previous values
=> Confirm that ISSUESLIP has been replaced properly
=> Confirm that you get a warning about the additional_contents
2. Create, update, delete news, html customs, pages
=> Confirm that the additional_contents_localizations.updated_on is only adjusted when required
=> Confirm that the logs are correctly created when NewsLogs is on
3. Check some items out, generate a slip
=> Confirm that the news are displayed at the bottom of the slip, and that the publication date is correctly formatted
4. Have several HTML customizations (like OpacNav, opacheader), in translated in different languages
=> Confirm that the default values is displayed when you are using the interface in a language without translation
=> Confirm that the translated version is picked when it exists
Notes for QA:
* I am not sure we really need the alert during the update DB process about the additional_contents leftover. We should not have them outside of ISSUESLIP.
Shouldn't it hurt?
* There is something ugly in sample_news.yml, the id is hardcoded. But how do we prevent that and keep translatability?
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This change validates and escapes inputs for task scheduler.
Test plan:
0. Apply patch
1. koha-plack --reload kohadev
2. Go to http://localhost:8081/cgi-bin/koha/tools/scheduler.pl
3. Input a time a minute in the future and leave the date blank
4. Choose an existing report and output format
5. Type a malicious string which is also a valid email address
into the Email field
6. Click "Save"
7. Note that the job is added but the Email is wrapped in single
quotes
8. Try using a non-malicious email address with a single quote.
9. Note that the single quote is escaped, so that it will still
be used by runreport.pl
JD amended patch: tidy
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Removed pars for $email =~ regex, removed old commented lines.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
It is not possible to perform batch patron modification without selecting
a patron attribute
Test plan:
Test the batch patron modification tool, with or without extended
attributes.
The error was
Can't call method "category_code" on an undefined value at /kohadevbox/koha/tools/modborrowers.pl line 407
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To test:
1. Go to Item types administration.
2. Set some items types to be limited to a branch you are not logged in as.
3. Find some items from the branch you are logged in at and go to Batch item modification.
4. Add the barcodes and attempt to edit the item type to the one you limited in step 2.
5. You can change these item types to ones that your branch should not be able to.
6. Apply patch
7. Try steps 4 -5 again but this time you should not see item types in the dropdown that are limited to other branches.
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
not only the first one
Signed-off-by: Philip Orr <philip.orr@lmscloud.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds the ability to set patron attributes marked as
repeatable in the batch patron modification tool.
Prior to this patch they were ignored.
Test plan:
You should try with several combinaisons and set patron attributes using
the batch patron modification tool.
Make sure there is no data lose and that the result is what you expect
Please detail in a comment what you tested.
Signed-off-by: Philip Orr <philip.orr@lmscloud.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
